Integer Overflow Vulnerability in FreeBSD f_count Counter

Integer Overflow Vulnerability in FreeBSD f_count Counter

CVE-2003-1234 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:P

Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop.

Learn more about our User Device Pen Test.